diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/Protection/EventHandlers.cs b/Harden-Windows-Security Module/Main files/C#/GUI/Protection/EventHandlers.cs
index 096c86027..f78d24ef3 100644
--- a/Harden-Windows-Security Module/Main files/C#/GUI/Protection/EventHandlers.cs
+++ b/Harden-Windows-Security Module/Main files/C#/GUI/Protection/EventHandlers.cs
@@ -674,6 +674,11 @@ await Task.Run(() =>
MiscellaneousConfigurations.MiscellaneousConfigurations_LongPathSupport();
}
+ if (GUIProtectWinSecurity.SelectedSubCategories.Contains("MiscellaneousConfigurations_StrongKeyProtection"))
+ {
+ MiscellaneousConfigurations.MiscellaneousConfigurations_StrongKeyProtection();
+ }
+
break;
}
case "WindowsUpdateConfigurations":
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/AttackSurfaceReductionRules.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/AttackSurfaceReductionRules.cs
index de531eb1e..2653a80c0 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/AttackSurfaceReductionRules.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/AttackSurfaceReductionRules.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static class AttackSurfaceReductionRules
{
+ ///
+ /// Applies Attack Surface Reduction rules
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/BitLockerSettings.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/BitLockerSettings.cs
index eed35b1f8..39731b4a8 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/BitLockerSettings.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/BitLockerSettings.cs
@@ -8,7 +8,10 @@ namespace HardenWindowsSecurity
{
public static class BitLockerSettings
{
- // Applies all Bitlocker settings hardening category
+ ///
+ /// Applies all Bitlocker settings hardening category
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CertificateCheckingCommands.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CertificateCheckingCommands.cs
index 40c619e12..3f2df52df 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CertificateCheckingCommands.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CertificateCheckingCommands.cs
@@ -9,6 +9,10 @@ namespace HardenWindowsSecurity
{
public static class CertificateCheckingCommands
{
+ ///
+ /// Checks the certificates of the system and displays ones that don't come by default in Windows
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.WorkingDir is null || !Directory.Exists(GlobalVars.WorkingDir))
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking.cs
index fb955f515..7d445a621 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking.cs
@@ -4,6 +4,9 @@ namespace HardenWindowsSecurity
{
public static partial class CountryIPBlocking
{
+ ///
+ /// Performs country IP blocking operations
+ ///
public static void Invoke()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking_OFAC.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking_OFAC.cs
index 199004dd2..5971c41c6 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking_OFAC.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/CountryIPBlocking_OFAC.cs
@@ -4,6 +4,9 @@ namespace HardenWindowsSecurity
{
public static partial class CountryIPBlocking
{
+ ///
+ /// Blocks IP address of the countries in the OFAC list
+ ///
public static void CountryIPBlocking_OFAC()
{
Logger.LogMessage("Blocking IP ranges of countries in OFAC sanction list", LogTypeIntel.Information);
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/DangerousScriptHostsBlocking.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/DangerousScriptHostsBlocking.cs
index 1a7903e11..e907c46ad 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/DangerousScriptHostsBlocking.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/DangerousScriptHostsBlocking.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class DownloadsDefenseMeasures
{
+ ///
+ /// Blocks certain dangerous script hosts using AppControl policy
+ ///
+ ///
public static void DangerousScriptHostsBlocking()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/DownloadsDefenseMeasures.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/DownloadsDefenseMeasures.cs
index eb069dc6d..d9c83c0e9 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/DownloadsDefenseMeasures.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/DownloadsDefenseMeasures.cs
@@ -4,6 +4,9 @@ namespace HardenWindowsSecurity
{
public static partial class DownloadsDefenseMeasures
{
+ ///
+ /// Prevents executables originating from the Downloads folder from running, using AppControl policy
+ ///
public static void Invoke()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/EdgeBrowserConfigurations.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/EdgeBrowserConfigurations.cs
index 100fa5317..76ff02e80 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/EdgeBrowserConfigurations.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/EdgeBrowserConfigurations.cs
@@ -6,6 +6,10 @@ namespace HardenWindowsSecurity
{
public static class EdgeBrowserConfigurations
{
+ ///
+ /// Applies Microsoft Edge policies
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen.cs
index 369f39f8d..bf6ecc968 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class LockScreen
{
+ ///
+ /// Applies the LockScreen category policies
+ ///
+ ///
public static void Invoke()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_CtrlAltDel.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_CtrlAltDel.cs
index 373e33164..c69f84e10 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_CtrlAltDel.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_CtrlAltDel.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class LockScreen
{
+ ///
+ /// Will require CTRL + ALT + DEL keys to be pressed on lock screen during logon
+ ///
+ ///
public static void LockScreen_CtrlAltDel()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_LastSignedIn.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_LastSignedIn.cs
index 97321da03..b994e6733 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_LastSignedIn.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/LockScreen_LastSignedIn.cs
@@ -7,7 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class LockScreen
{
-
+ ///
+ /// Will not display who last signed into the device on lock screen
+ ///
+ ///
public static void LockScreen_LastSignedIn()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_BetaChannels.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_BetaChannels.cs
index 0f850f577..c680f1e4a 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_BetaChannels.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_BetaChannels.cs
@@ -6,6 +6,10 @@ namespace HardenWindowsSecurity
{
public static partial class MicrosoftDefender
{
+ ///
+ /// Sets Microsoft Defender Engine and Platform update channels to beta
+ ///
+ ///
public static void MSFTDefender_BetaChannels()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_EnableDiagData.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_EnableDiagData.cs
index 42401dea1..7da2bd158 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_EnableDiagData.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_EnableDiagData.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class MicrosoftDefender
{
+ ///
+ /// Enables diagnostic data to ensure security components of the OS will be able to work as expected and communicate with the services
+ ///
+ ///
public static void MSFTDefender_EnableDiagData()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_ScheduledTask.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_ScheduledTask.cs
index c8df33658..3176717d6 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_ScheduledTask.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MSFTDefender_ScheduledTask.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class MicrosoftDefender
{
+ ///
+ /// Creates a scheduled task for Microsoft Recommended Drivers Block Rules auto update
+ ///
+ ///
public static void MSFTDefender_ScheduledTask()
{
Logger.LogMessage("Creating scheduled task for fast weekly Microsoft recommended driver block list update", LogTypeIntel.Information);
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations.cs
index 1f9b28bb3..6a3a021e9 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations.cs
@@ -8,6 +8,10 @@ namespace HardenWindowsSecurity
{
public static partial class MiscellaneousConfigurations
{
+ ///
+ /// Applies the Miscellaneous category security measures
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_LongPathSupport.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_LongPathSupport.cs
index 2da58bcde..711c3571a 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_LongPathSupport.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_LongPathSupport.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class MiscellaneousConfigurations
{
+ ///
+ /// Enables support for long paths in Windows for programs
+ ///
+ ///
public static void MiscellaneousConfigurations_LongPathSupport()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_StrongKeyProtection.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_StrongKeyProtection.cs
index b32bf0721..356dd775d 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_StrongKeyProtection.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_StrongKeyProtection.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class MiscellaneousConfigurations
{
+ ///
+ /// Enables strong key protection for saved certificates with private keys
+ ///
+ ///
public static void MiscellaneousConfigurations_StrongKeyProtection()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_WindowsProtectedPrint.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_WindowsProtectedPrint.cs
index 98dd4df80..c3cd00622 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_WindowsProtectedPrint.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/MiscellaneousConfigurations_WindowsProtectedPrint.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class MiscellaneousConfigurations
{
+ ///
+ /// Only lets printers who are compatible with the new secure drivers to work
+ ///
+ ///
public static void MiscellaneousConfigurations_WindowsProtectedPrint()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/NonAdminCommands.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/NonAdminCommands.cs
index d2bfb1bf3..7565ac337 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/NonAdminCommands.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/NonAdminCommands.cs
@@ -6,6 +6,10 @@ namespace HardenWindowsSecurity
{
public static partial class NonAdminCommands
{
+ ///
+ /// Applies Non-Admin security measures
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsNetworking_BlockNTLM.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsNetworking_BlockNTLM.cs
index b4bbbd64c..e48a938fe 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsNetworking_BlockNTLM.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsNetworking_BlockNTLM.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static partial class WindowsNetworking
{
+ ///
+ /// Blocks usage of NTLM
+ ///
+ ///
public static void WindowsNetworking_BlockNTLM()
{
diff --git a/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsUpdateConfigurations.cs b/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsUpdateConfigurations.cs
index cf7206c53..50411eb33 100644
--- a/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsUpdateConfigurations.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Protect Methods/WindowsUpdateConfigurations.cs
@@ -7,6 +7,10 @@ namespace HardenWindowsSecurity
{
public static class WindowsUpdateConfigurations
{
+ ///
+ /// Applies Windows Update category
+ ///
+ ///
public static void Invoke()
{
if (GlobalVars.path is null)
diff --git a/Harden-Windows-Security Module/Main files/C#/Types/CiPolicyInfo.cs b/Harden-Windows-Security Module/Main files/C#/Types/CiPolicyInfo.cs
index 7dad53512..6a9e2ded9 100644
--- a/Harden-Windows-Security Module/Main files/C#/Types/CiPolicyInfo.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Types/CiPolicyInfo.cs
@@ -5,7 +5,9 @@
namespace HardenWindowsSecurity
{
- // Class to represent a policy with various attributes
+ ///
+ /// Class to represent a policy with various attributes
+ ///
public sealed class CiPolicyInfo
{
public string? PolicyID { get; set; } // Unique identifier for the policy
diff --git a/Harden-Windows-Security Module/Main files/C#/Types/CultureInfoProperties.cs b/Harden-Windows-Security Module/Main files/C#/Types/CultureInfoProperties.cs
index 6a085897d..6a3aacd65 100644
--- a/Harden-Windows-Security Module/Main files/C#/Types/CultureInfoProperties.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Types/CultureInfoProperties.cs
@@ -2,7 +2,9 @@
namespace HardenWindowsSecurity
{
- // a class to hold the properties of the current culture
+ ///
+ /// a class to hold the properties of the current culture
+ ///
public sealed class CultureInfoProperties
{
public string? Parent { get; set; }
diff --git a/Harden-Windows-Security Module/Main files/C#/Types/DefenderPlatformUpdatesChannels.cs b/Harden-Windows-Security Module/Main files/C#/Types/DefenderPlatformUpdatesChannels.cs
index e72942814..cb05d02a9 100644
--- a/Harden-Windows-Security Module/Main files/C#/Types/DefenderPlatformUpdatesChannels.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Types/DefenderPlatformUpdatesChannels.cs
@@ -4,6 +4,9 @@
namespace HardenWindowsSecurity
{
+ ///
+ /// Microsoft Defender Update channel names for Platform and Engine
+ ///
public static class DefenderPlatformUpdatesChannels
{
public static readonly Dictionary Channels = new()
diff --git a/Harden-Windows-Security Module/Main files/C#/Types/IndividualResultClass.cs b/Harden-Windows-Security Module/Main files/C#/Types/IndividualResultClass.cs
index 4da1c1f50..868b2fa68 100644
--- a/Harden-Windows-Security Module/Main files/C#/Types/IndividualResultClass.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Types/IndividualResultClass.cs
@@ -1,9 +1,10 @@
-// Hardening Category results used by the Confirm-SystemCompliance cmdlet
-
#nullable enable
namespace HardenWindowsSecurity
{
+ ///
+ /// A class that defines a single compliance check result
+ ///
public sealed class IndividualResult
{
public string? FriendlyName { get; set; }
diff --git a/Harden-Windows-Security Module/Main files/C#/Windows APIs/TPM.cs b/Harden-Windows-Security Module/Main files/C#/Windows APIs/TPM.cs
index 0bd408f7a..e50b51514 100644
--- a/Harden-Windows-Security Module/Main files/C#/Windows APIs/TPM.cs
+++ b/Harden-Windows-Security Module/Main files/C#/Windows APIs/TPM.cs
@@ -8,7 +8,9 @@
namespace HardenWindowsSecurity
{
- // Class that contains the results of TPM status checks
+ ///
+ /// Class that contains the results of TPM status checks
+ ///
public sealed class TpmResult
{
public bool IsEnabled { get; set; }